Updated minimum php version from 7.3 to 7.4
[bookstack] / app / Auth / UserRepo.php
index 29a0ebc14aceae23c3e33fcfece504b4897d14b8..ff2e91ee23a8ad8c7b3dfdee003ff741a04db1a4 100644 (file)
@@ -1,6 +1,7 @@
-<?php namespace BookStack\Auth;
+<?php
+
+namespace BookStack\Auth;
 
-use Activity;
 use BookStack\Entities\EntityProvider;
 use BookStack\Entities\Models\Book;
 use BookStack\Entities\Models\Bookshelf;
@@ -8,14 +9,12 @@ use BookStack\Entities\Models\Chapter;
 use BookStack\Entities\Models\Page;
 use BookStack\Exceptions\NotFoundException;
 use BookStack\Exceptions\UserUpdateException;
-use BookStack\Uploads\Image;
 use BookStack\Uploads\UserAvatars;
 use Exception;
 use Illuminate\Database\Eloquent\Builder;
 use Illuminate\Database\Eloquent\Collection;
 use Illuminate\Pagination\LengthAwarePaginator;
-use Images;
-use Log;
+use Illuminate\Support\Facades\Log;
 
 class UserRepo
 {
@@ -45,6 +44,14 @@ class UserRepo
         return User::query()->findOrFail($id);
     }
 
+    /**
+     * Get a user by their slug.
+     */
+    public function getBySlug(string $slug): User
+    {
+        return User::query()->where('slug', '=', $slug)->firstOrFail();
+    }
+
     /**
      * Get all the users with their permissions.
      */
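Review bot: The docblock on the new `getBySlug()` does not say what happens when no user matches, although `firstOrFail()` throws in that case. I would add `@throws \Illuminate\Database\Eloquent\ModelNotFoundException` so that callers resolving a slug from a URL know to handle it. The lookup also takes the first matching row, so it depends on slugs being unique per user; whether a unique constraint backs that is not visible in this diff.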
@@ -55,14 +62,18 @@ class UserRepo
 
     /**
      * Get all the users with their permissions in a paginated format.
+     * Note: Due to the use of email search this should only be used when
+     * user is assumed to be trusted. (Admin users).
+     * Email search can be abused to extract email addresses.
      */
     public function getAllUsersPaginatedAndSorted(int $count, array $sortData): LengthAwarePaginator
     {
         $sort = $sortData['sort'];
 
         $query = User::query()->select(['*'])
-            ->withLastActivityAt()
+            ->scopes(['withLastActivityAt'])
             ->with(['roles', 'avatar'])
+            ->withCount('mfaValues')
             ->orderBy($sort, $sortData['order']);
 
         if ($sortData['search']) {
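Review bot: The added docblock note covers the email search, but `$sortData['sort']` and `$sortData['order']` also flow directly into `orderBy()` in this method, and nothing visible in the hunk restricts them to a known set of columns. Sorting by a sensitive column can leak information about its values even when the column itself is never displayed. I would extend the note with a line such as `Sort and order values must be checked against an allow-list by the caller.` Whether callers already validate these values is not visible here, and the method body continues past the end of the hunk.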
@@ -76,7 +87,7 @@ class UserRepo
         return $query->paginate($count);
     }
 
-     /**
+    /**
      * Creates a new user and attaches a role to them.
      */
     public function registerNew(array $data, bool $emailConfirmed = false): User
@@ -90,6 +101,7 @@ class UserRepo
 
     /**
      * Assign a user to a system-level role.
+     *
      * @throws NotFoundException
      */
     public function attachSystemRole(User $user, string $systemRoleName)
@@ -120,6 +132,7 @@ class UserRepo
 
     /**
      * Set the assigned user roles via an array of role IDs.
+     *
      * @throws UserUpdateException
      */
     public function setUserRoles(User $user, array $roles)
@@ -135,7 +148,7 @@ class UserRepo
      * Check if the given user is the last admin and their new roles no longer
      * contains the admin role.
      */
-    protected function demotingLastAdmin(User $user, array $newRoles) : bool
+    protected function demotingLastAdmin(User $user, array $newRoles): bool
     {
         if ($this->isOnlyAdmin($user)) {
             $adminRole = Role::getSystemRole('admin');
@@ -153,33 +166,36 @@ class UserRepo
     public function create(array $data, bool $emailConfirmed = false): User
     {
         $details = [
-            'name'     => $data['name'],
-            'email'    => $data['email'],
-            'password' => bcrypt($data['password']),
-            'email_confirmed' => $emailConfirmed,
+            'name'             => $data['name'],
+            'email'            => $data['email'],
+            'password'         => bcrypt($data['password']),
+            'email_confirmed'  => $emailConfirmed,
             'external_auth_id' => $data['external_auth_id'] ?? '',
         ];
-        return User::query()->forceCreate($details);
+
+        $user = new User();
+        $user->forceFill($details);
+        $user->refreshSlug();
+        $user->save();
+
+        return $user;
     }
 
     /**
      * Remove the given user from storage, Delete all related content.
+     *
      * @throws Exception
      */
     public function destroy(User $user, ?int $newOwnerId = null)
     {
         $user->socialAccounts()->delete();
         $user->apiTokens()->delete();
+        $user->favourites()->delete();
+        $user->mfaValues()->delete();
         $user->delete();
-        
-        // Delete user profile images
-        $profileImages = Image::query()->where('type', '=', 'user')
-            ->where('uploaded_to', '=', $user->id)
-            ->get();
 
-        foreach ($profileImages as $image) {
-            Images::destroy($image);
-        }
+        // Delete user profile images
+        $this->userAvatar->destroyAllForUser($user);
 
         if (!empty($newOwnerId)) {
             $newOwner = User::query()->find($newOwnerId);
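Review bot: In `destroy()`, the added `$user->mfaValues()->delete();` runs before `$user->delete();` with no transaction visible around the sequence. A failure in the final delete would leave a live account whose MFA methods and API tokens have already been removed. Wrapping the database deletes in `DB::transaction(function () use ($user) { ... });` (with `use Illuminate\Support\Facades\DB;`) would make the removal all-or-nothing, while the avatar cleanup, which appears to touch stored files, can stay after it. A caller may already open a transaction, which cannot be seen from this hunk, and the body of `destroy()` continues past it.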
@@ -194,21 +210,13 @@ class UserRepo
      */
     protected function migrateOwnership(User $fromUser, User $toUser)
     {
-        $entities = (new EntityProvider)->all();
+        $entities = (new EntityProvider())->all();
         foreach ($entities as $instance) {
             $instance->newQuery()->where('owned_by', '=', $fromUser->id)
                 ->update(['owned_by' => $toUser->id]);
         }
     }
 
-    /**
-     * Get the latest activity for a user.
-     */
-    public function getActivity(User $user, int $count = 20, int $page = 0): array
-    {
-        return Activity::userActivity($user, $count, $page);
-    }
-
     /**
      * Get the recently created content for this given user.
      */
@@ -235,11 +243,12 @@ class UserRepo
     public function getAssetCounts(User $user): array
     {
         $createdBy = ['created_by' => $user->id];
+
         return [
-            'pages'    =>  Page::visible()->where($createdBy)->count(),
-            'chapters'    =>  Chapter::visible()->where($createdBy)->count(),
-            'books'    =>  Book::visible()->where($createdBy)->count(),
-            'shelves'    =>  Bookshelf::visible()->where($createdBy)->count(),
+            'pages'       => Page::visible()->where($createdBy)->count(),
+            'chapters'    => Chapter::visible()->where($createdBy)->count(),
+            'books'       => Book::visible()->where($createdBy)->count(),
+            'shelves'     => Bookshelf::visible()->where($createdBy)->count(),
         ];
     }